Abstract
We present a key recovery attack on the Type-1 Feistel construction based on the meet-in-the-middle technique. This construction was described by Zheng, Matsumoto, and Imai at CRYPTO 1989. The Type-1 Feistel structure is a well-known construction used to build ciphers and hash functions, such as CAST-256 and Lesamnta. For the Type-1 Feistel construction with n-bit blocks and d sub-blocks, we build a \((3d-1)\)-round distinguisher by using a special truncated differential. We present an attack on \(5d-3\) rounds with a data complexity of \(2^{\frac{3}{d}n}\) chosen plaintexts, a memory complexity of \(2^{\frac{d-1}{d}n}\) blocks of n bits each, and a time complexity of \(2^{\frac{d-1}{d}n}\) encryptions, which is the best known generic key recovery attack on the Type-1 Feistel construction. The attack is valid if the key length \(k\ge n\).
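To make the structure concrete, the following added example (not code from the paper) implements a toy Type-1 Feistel network with d sub-blocks and propagates truncated difference patterns through it, showing how slowly a one-sub-block difference spreads in each direction. The round function `F`, the 16-bit sub-block width, the keys and the plaintexts are assumptions constructed for illustration; the code does not reproduce the paper's \((3d-1)\)-round distinguisher or its attack.

```python
import hashlib

W = 16  # toy sub-block width in bits (constructed); block size n = d * W

def F(key: bytes, x: int) -> int:
    # Toy keyed round function (an assumption of this example): truncated SHA-256.
    digest = hashlib.sha256(key + x.to_bytes(W // 8, "big")).digest()
    return int.from_bytes(digest[: W // 8], "big")

def encrypt(blocks, round_keys):
    # One round: (x0, x1, ..., x_{d-1}) -> (x1 ^ F(x0), x2, ..., x_{d-1}, x0)
    s = list(blocks)
    for k in round_keys:
        s = [s[1] ^ F(k, s[0])] + s[2:] + [s[0]]
    return s

def decrypt(blocks, round_keys):
    s = list(blocks)
    for k in reversed(round_keys):
        x0 = s[-1]                       # last word is the old x0
        s = [x0, s[0] ^ F(k, x0)] + s[1:-1]
    return s

def step(active, direction="enc"):
    # Truncated difference: True = sub-block MAY differ, False = certainly equal.
    # The XOR of two active words is kept active (cancellation is not assumed).
    a = list(active)
    if direction == "enc":
        return [a[0] or a[1]] + a[2:] + [a[0]]
    return [a[-1], a[0] or a[-1]] + a[1:-1]

def rounds_until_full(d, start, direction="enc"):
    # Rounds until a difference in sub-block `start` can reach every sub-block.
    a, r = [i == start for i in range(d)], 0
    while not all(a):
        a, r = step(a, direction), r + 1
    return r

def observed_pattern(d, start, rounds):
    # Encrypt two constructed plaintexts that differ only in sub-block `start`.
    keys = [bytes([i]) for i in range(rounds)]
    p1 = [0x1000 + i for i in range(d)]
    p2 = list(p1)
    p2[start] ^= 0x00FF
    return [x != y for x, y in zip(encrypt(p1, keys), encrypt(p2, keys))]

if __name__ == "__main__":
    for j in range(4):  # d = 4: start position, rounds (enc), rounds (dec)
        print(j, rounds_until_full(4, j, "enc"), rounds_until_full(4, j, "dec"))
```

For d = 4 the encryption direction needs up to 6 rounds and the decryption direction up to 10 rounds before a single active sub-block can influence all others, which illustrates why truncated differentials over many rounds exist for this structure.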
References
Feistel, H.: Cryptography and computer privacy. Sci. Am. 228, 15–23 (1973)
Li, R.J., Jin, C.H.: Meet-in-the-middle attacks on 10-round AES-256. Des. Codes Crypt. 80(3), 459–471 (2015)
Sasaki, Y., Wang, L.: Meet-in-the-middle technique for integral attacks against Feistel ciphers. In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 234–251. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-35999-6_16
Lin, L., Wu, W., Zheng, Y.: Improved meet-in-the-middle distinguisher on Feistel schemes. In: Dunkelman, O., Keliher, L. (eds.) SAC 2015. LNCS, vol. 9566, pp. 122–142. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31301-6_7
Dinur, I., Dunkelman, O., Keller, N., Shamir, A.: New attacks on Feistel structures with improved memory complexities. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015, Part I. LNCS, vol. 9215, pp. 433–454. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-47989-6_21
Derbez, P., Fouque, P.-A.: Automatic search of meet-in-the-middle and impossible differential attacks. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part II. LNCS, vol. 9815, pp. 157–184. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53008-5_6
Guo, J., Jean, J., Nikolić, I., Sasaki, Y.: Meet-in-the-middle attacks on generic Feistel constructions. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014, Part I. LNCS, vol. 8873, pp. 458–477. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45611-8_24
Guo, J., Jean, J., et al.: Extended meet-in-the-middle attacks on some Feistel constructions. Des. Codes Crypt. 80(3), 587–618 (2016)
Guo, J., Jean, J., et al.: Meet-in-the-middle attacks on classes of contracting and expanding Feistel constructions. In: FSE 2017, IACR Transactions on Symmetric Cryptology, pp. 1–31 (2017)
Zheng, Y., Matsumoto, T., Imai, H.: On the construction of block ciphers provably secure and not relying on any unproved hypotheses. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 461–480. Springer, New York (1990). https://doi.org/10.1007/0-387-34805-0_42
Nachef, V., Patarin, J., Volte, E.: Feistel Ciphers Security Proofs and Cryptanalysis. Springer, Heidelberg (2017)
Fouque, P.-A., Jean, J., Peyrin, T.: Structural evaluation of AES and chosen-key distinguisher of 9-round AES-128. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 183–203. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_11
Matsui, M.: On correlation between the order of S-boxes and the strength of DES. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 366–375. Springer, Heidelberg (1995). https://doi.org/10.1007/BFb0053451
Nyberg, K.: Generalized Feistel networks. In: Kim, K., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 91–104. Springer, Heidelberg (1996). https://doi.org/10.1007/BFb0034838
Blondeau, C., Minier, M.: Analysis of impossible, integral and zero-correlation attacks on type-II generalized Feistel networks using the matrix method. In: Leander, G. (ed.) FSE 2015. LNCS, vol. 9054, pp. 92–113. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48116-5_5
Nachef, V., Volte, E., Patarin, J.: Differential attacks on generalized Feistel schemes. In: Abdalla, M., Nita-Rotaru, C., Dahab, R. (eds.) CANS 2013. LNCS, vol. 8257, pp. 1–19. Springer, Cham (2013). https://doi.org/10.1007/978-3-319-02937-5_1
Pudovkina, M., Toktarev, A.: Numerical semigroups and bounds on impossible differential attacks on generalized Feistel schemes. In: Kotulski, Z., Księżopolski, B., Mazur, K. (eds.) CSS 2014. CCIS, vol. 448, pp. 1–11. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44893-9_1
Acknowledgements
The authors would like to thank the editors and anonymous referees for their valuable suggestions. This work was supported by the National Natural Science Foundation of China (Grant Nos. 61772547, 61402523 and 61272488).
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Deng, Y., Jin, C., Li, R. (2018). Meet in the Middle Attack on Type-1 Feistel Construction. In: Chen, X., Lin, D., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2017. Lecture Notes in Computer Science, vol 10726. Springer, Cham. https://doi.org/10.1007/978-3-319-75160-3_25
DOI: https://doi.org/10.1007/978-3-319-75160-3_25
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-75159-7
Online ISBN: 978-3-319-75160-3
eBook Packages: Computer Science, Computer Science (R0)